GDPR. Now’s the time to get on top of your website security
Website security is something that we can’t talk about enough. When you’ve got your site up and running, it’s the single most important website related area that you need to focus your energy on.
This year sees the introduction of a new regulation, GDPR. In a nutshell, GDPR aims to give control back to individuals over their personal data and if and how it is used by businesses and organisations. It also requires organisations that handle personal data to ensure that they put appropriate security in place.
For businesses who use individual’s data as part of their core function (e.g through transactions on a website, or to market), the spotlight is on. It’s never been more important to ensure that your website and that data that you store within it, is as secure as it can be.
How do you get on top of website security?
Firstly, you need to make it a business priority. Weave it into all of your normal businesses processes – at the most basic level, think through:
- Does your hosting provider issue regular and timely security checks? Once a security alert is issued by a software company, you must act very quickly to make the relevant updates, otherwise you are leaving your website vulnerable and open to immediate attack.
- Do you have a process for handling the security of personal data during periods of development or support?
- Are private data files properly and adequately secured? Do they have the correct access control?
- Are your servers properly managed in terms of security?
- Do you have a back up plan? None of us want to imagine that something will go wrong, but it could, and it does. Are you clear on what to do if your site does go down, what happens? How will you protect any data held on individuals? How will you recover your business? You’ll need to work back to when you last had an uncorrupted version of your website – can your hosting company do this? Are they competent and capable in terms of disaster recovery? Every second counts…
We like to think of GDPR as an opportunity.
We are using GDPR as an opportunity to re-visit all of our own security measures and practices.
We are proud to host hundreds of different websites for our customers and security has always been and will always be our number one priority.
As part of our hosting service, we offer security for all the websites we build. This includes regular updates, fixes, de-bugging and SSL certificates. For some clients, our enhanced security service is needed, providing extra barriers to help protect their particular business. This includes things like monitoring, encryption of data, back ups and more.
We must remember that no site is completely hack proof. However, staying on top of your security process and working with a hosting company who knows their stuff will provide as many barriers as possible to breaking into your site and with GDPR on the horizon, now has never been a better time to get on top of your web security.
For our quick introduction to GDPR, read GDPR. Excuse me, what did you say?
For some essential actions to take related to your website, read 5 Essential Actions. A helpful GDPR website checklist.
For detailed information from the Information Commissioner's Office, visit Guide to the General Data Protection Regulation